Active Directory. Persistent Search or Entry Change Notification

Question

Active Directory. Persistent Search or Entry Change Notification

2k views Asked by nikelyn At 21 September 2024 at 10:16

I want to get changes for user entities from active directory(AD) with UnboundID LDAP SDK.

Does AD support Persistent Search or Entry Change Notification by default or I must to do any settings?

Thanks in advance

Original Q&A

There are 2 answers

**Esteban** · Answer 1 · 2017-09-14 07:32:19

You have to use the extended search operation on Active Directory which allows you to register to be notified when a change occurs.

This is the OID provided by Microsoft AD for doing so :

https://msdn.microsoft.com/en-us/library/aa366983(v=vs.85).aspx

In terms of UnboundID LDAP SDK, it seems this control should do what you need ~~to be this control~~ (but not a Java expert):

https://docs.ldap.com/ldap-sdk/docs/javadoc/com/unboundid/ldap/sdk/experimental/ActiveDirectoryDirSyncControl.html

**István Békési** · Answer 2 · 2018-01-10 15:11:11

Based on the suggested comments, LDAP_SERVER_NOTIFICATION_OID control implementation should work on AD. See this very basic test example:

// LDAP_SERVER_NOTIFICATION_OID (1.2.840.113556.1.4.528)
@Test
public void test_LDAP_SERVER_NOTIFICATION_OID() throws LDAPException, InterruptedException
{
    AsyncSearchResultListener myAsyncSearchResultListener = new MyLdapChangeAsyncListener();

    SearchRequest searchRequest = new SearchRequest(
            myAsyncSearchResultListener,
            "DC=test,DC=lab,DC=com",  // baseDN
            SearchScope.SUB,
            Filter.createPresenceFilter("objectClass"), null);

    Control myControl = new Control("1.2.840.113556.1.4.528");
    searchRequest.addControl(myControl);

    AsyncRequestID asyncSearchId = connection.asyncSearch(searchRequest);

    // Wait 15 seconds for changes to be returned
    Thread.sleep(15000);

    connection.abandon(asyncSearchId);
    connection.close();

}


private class MyLdapChangeAsyncListener implements AsyncSearchResultListener
{
    @Override
    public void searchEntryReturned(SearchResultEntry searchEntry)
    {
        System.out.println(" >>> ldap searchEntryReturned: " + searchEntry);
    }

    @Override
    public void searchReferenceReturned(SearchResultReference searchReference)
    {
        System.out.println(" >>> ldap searchReferenceReturned: " + searchReference);
    }

    @Override
    public void searchResultReceived(AsyncRequestID requestID, SearchResult searchResult)
    {
        System.out.println(" >>> ldap searchResultReceived: " + requestID + " / " + searchResult);
    }

}

The test does not do much. Waits for 15 seconds meanwhile any changes within the baseDN should be printed out.

TechQA.

Active Directory. Persistent Search or Entry Change Notification

There are 2 answers

Related Questions in ACTIVE-DIRECTORY

Related Questions in LDAP

Related Questions in UNBOUNDID-LDAP-SDK

Popular Questions

Popular Tags

Trending Questions